1. Field of the Invention
The present invention generally relates to a field of security enhancements in computer networks and, in particular, to a method and apparatus for authenticating a user of a computer network.
2. Description of the Related Art
Security token devices, such as smart cards and the like, are commonly used to authenticate the user of protected network services. For example, in operation, a user who wishes to access a protected network service will need to enter a security token, often displayed on a security token device. The security token for each user is changed frequently, e.g., usually every few minutes. However, since the security token device and the system providing the protected network service are synchronized, both the security token device and the system will be in agreement as to what is the current security token that will allow the user to access the protected network service.
However, as the number of users of the protected network services increases, administration and maintenance of a growing fleet of the security token devices (e.g., issue of new devices, replacement of lost/damaged devices, etc.) becomes a complex and expansive process. Additionally, a user may need more than one token device to obtain access to different protected services.
Therefore, there is a need in the art for an improved method and apparatus for user authentication.